(first revised version, included link to URL-encoding)

After so many years, I've come up with a somewhat practicable solution
for HTML login within Xenu. Or rather, the competition did:
http://www.relsoftware.com/wlv/help/how-to-check-password-protected-web-sites-ht\
ml/

Submitting a FORM was never a technical problem for me; I have tested
this years ago already, but without any user interface. My mistake was
to look for a general way to catch FORMs in HTML pages, instead of just
using the login FORM url as a start.

A test version of Xenu with login FORMs can be found here:
http://home.snafu.de/tilman/tmp/xenubetaform.zip

The initial dialogbox has a new checkbox for POST and a POST query
string. Note that the query string won't be stored in the INI file.

Imagine you'd want to check the (imaginary) password protected website
https://www.host.com. Look at the HTML for the FORM:

<FORM METHOD="POST" ACTION="https://www.host.com/scripts/login.php">
<INPUT TYPE="text" NAME="User">
<INPUT TYPE="password" NAME="Password">
<INPUT TYPE="submit" NAME="Submit" VALUE="Login">
</FORM>

Thus, the start URL would be
https://www.host.com/scripts/login.php

and if the username is "Xenu", and the password is "Secret", the POST
query string would be

User=Xenu&Password=Secret&Submit=Login

(The POST query string gets tricky if there are spaces or special
characters in the parameters. It must be "URL-encoded", see here:
http://en.wikipedia.org/wiki/Query_string#URL_encoding )

Important 1:
You must add https://www.host.com to the inclusion list. If you don't,
only URLs beginning with https://www.host.com/scripts/ will be checked.

Important 2:
Don't let Xenu hit the logout link. To avoid this, add the logout URL to
the exclusion list:
https://www.host.com/scripts/logout.php

I'm not yet sure if is important to have cookies enabled. If yes, don't
let Xenu hit any URLs that delete or change something.

Tilman